Privacy Policy - Kew Storage

Effective date: This Privacy Policy applies to all Kew Storage customers in area and explains how personal data is collected, used, stored, shared, and protected in connection with our storage services.

We are committed to handling personal data in a lawful, fair, and transparent manner in line with the UK GDPR and the Data Protection Act 2018. This policy explains what information we collect, why we collect it, the legal grounds we rely on, how long we keep it, who may process it on our behalf, and the rights individuals have over their data.

1. Scope of this Policy

This policy applies to all customers, prospective customers, authorised account users, visitors, and other individuals whose personal data we process in connection with Kew Storage services. It covers data collected when you:

  • enquire about our storage services;
  • enter into a storage agreement;
  • access or use our facilities;
  • communicate with us by any means;
  • make payments or manage your account;
  • interact with security systems at our premises.

2. Personal Data We Collect

We collect only the personal data needed to provide secure and effective storage services, manage accounts, and meet our legal obligations. Depending on your relationship with us, we may collect the following categories of information:

2.1 Information you provide directly

  • name, address, email address, and telephone number;
  • date of birth or other identity details where required;
  • billing and payment information;
  • account and contract details;
  • records of correspondence, complaints, and service requests;
  • access permissions and authorised user details;
  • identity documents where necessary for verification or fraud prevention.

2.2 Information collected automatically

  • CCTV footage and access logs;
  • entry and exit records;
  • device or browser information if you interact with digital systems;
  • technical logs relating to security, network, or system use.

2.3 Information from third parties

We may receive information from payment providers, identity verification services, debt recovery partners, insurers, contractors, or public authorities where this is necessary and permitted by law.

3. How We Use Personal Data

We use personal data for the following purposes:

  • to set up and manage customer accounts;
  • to provide storage services and support;
  • to process payments and refunds;
  • to verify identity and prevent fraud;
  • to maintain site security and monitor access;
  • to communicate about bookings, payments, contract changes, or service issues;
  • to handle complaints, claims, and disputes;
  • to comply with legal, regulatory, tax, and accounting obligations;
  • to protect our business, customers, staff, and property;
  • to establish, exercise, or defend legal rights.

We do not use personal data for unrelated purposes that would be incompatible with the reasons it was originally collected.

4. Lawful Basis for Processing

We only process personal data where we have a valid lawful basis under the UK GDPR. Depending on the activity, the lawful bases we rely on are:

4.1 Contract

We process personal data when it is necessary to enter into or perform a storage contract. This includes account administration, billing, customer support, and service delivery.

4.2 Legal obligation

We may process personal data to comply with laws relating to taxation, accounting, anti-money laundering checks where applicable, fraud prevention, safety, and lawful record keeping.

4.3 Legitimate interests

We may process personal data where it is necessary for our legitimate interests or those of a third party, provided your rights and freedoms do not override those interests. This may include security monitoring, access control, debt recovery, service improvement, and protecting against misuse or criminal activity.

4.4 Consent

In limited cases, we may rely on your consent, for example where the law requires consent for a particular processing activity. If we rely on consent, you may withdraw it at any time.

4.5 Vital interests and public task

These lawful bases are unlikely to apply in most cases, but may be used if necessary in exceptional circumstances.

5. Data Sharing and Processors

We do not sell personal data. We may share data only where needed for the purposes described in this policy, and only with trusted third parties acting as processors or independent controllers where lawfully permitted.

5.1 Processors acting on our behalf

Processors handle personal data under our instructions and are contractually required to safeguard it. They may include:

  • payment service providers;
  • IT hosting, cloud storage, and system support providers;
  • security and CCTV service providers;
  • identity verification and fraud prevention providers;
  • customer communication and document management providers;
  • professional advisers, such as accountants, auditors, lawyers, or insurers;
  • debt collection or recovery partners where necessary.

5.2 Other disclosures

We may also disclose personal data where required by law or where necessary to protect rights, property, or safety. This may include disclosure to law enforcement, regulators, courts, or emergency services. Any disclosure is limited to what is necessary and proportionate.

6. International Transfers

If any processor or service provider stores or accesses personal data outside the UK, we ensure appropriate safeguards are in place, such as adequacy regulations or approved contractual protections, so that your data remains protected to the required legal standard.

7. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including legal, accounting, insurance, and dispute resolution requirements. Retention periods vary depending on the type of data and the purpose for which it is processed.

In general:

  • customer contract and billing records are kept for the duration of the relationship and for a further period required by law;
  • financial and tax records are retained for statutory periods;
  • security logs and access records are retained for a limited period unless needed longer for investigation or legal claims;
  • correspondence and complaint records are retained for as long as necessary to resolve the matter and manage future risk.

When personal data is no longer needed, we will delete, anonymise, or securely destroy it.

8. Data Security

We use appropriate technical and organisational measures to protect personal data against accidental loss, unauthorised access, alteration, disclosure, or destruction. These measures may include access controls, encryption, secure storage, staff confidentiality obligations, and regular review of security practices. While no system can be guaranteed completely secure, we take reasonable and proportionate steps to protect information.

9. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These may include:

  • the right of access – to request a copy of the personal data we hold about you;
  • the right to rectification – to ask us to correct inaccurate or incomplete data;
  • the right to erasure – to request deletion of data in certain circumstances;
  • the right to restriction – to ask us to limit how we use your data in certain situations;
  • the right to object – to object to processing based on legitimate interests or direct marketing;
  • the right to data portability – to receive certain data in a structured, commonly used format where applicable;
  • the right to withdraw consent – where processing is based on consent;
  • the right to complain – to raise concerns with the relevant supervisory authority.

If you exercise any of these rights, we may need to verify your identity before responding. Some rights may be limited where data must be retained for legal reasons or where other lawful grounds apply.

10. Children’s Data

Our services are intended for adults and business or personal storage customers. We do not knowingly collect personal data from children unless it is incidentally provided and necessary for a lawful purpose. If we become aware that such data has been collected inappropriately, we will take appropriate steps to delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, regulation, or our services. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically to stay informed about how their data is handled.

12. Summary of Our Commitment

Kew Storage is committed to respecting privacy, using personal data responsibly, and ensuring that all processing is lawful, secure, and limited to what is necessary. We aim to maintain transparency, protect customer information, and support individuals in exercising their rights under data protection law.

This policy is intended to apply to all Kew Storage customers in area and governs the handling of personal data in connection with our storage services.

Call Now!
Call Now Get a Quote
Kew Storage

GDPR-compliant Privacy Policy for Kew Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.